Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/79c84469-206e-4cce-adbd-56e0a073c569.roa
File:                     79c84469-206e-4cce-adbd-56e0a073c569.roa (raw, json)
Hash identifier:          hTSmYL37aiMuT6ekmzvJJRerWYNf4JIpf4RQ6KYBdok=
Subject key identifier:   FE:B1:63:4B:20:0E:CF:8E:66:AE:65:76:06:2F:F8:95:AF:E1:86:4E
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       2C01318F761C5A60F879D162DB9A779591756945
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/79c84469-206e-4cce-adbd-56e0a073c569.roa
Signing time:             Sat 19 Apr 2025 02:23:18 +0000
ROA not before:           Sat 19 Apr 2025 02:23:18 +0000
ROA not after:            Sat 24 May 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Sat 19 Apr 2025 02:43:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:01:31:8f:76:1c:5a:60:f8:79:d1:62:db:9a:77:95:91:75:69:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Apr 19 02:23:18 2025 GMT
            Not After : May 24 23:59:59 2025 GMT
        Subject: serialNumber=9ccb493a494e7beff121d04e76d2d98d071c723a7811b213fb52e5d4c66be759, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:fe:bd:0a:75:8b:46:30:54:68:90:2a:fe:f8:
                    96:f4:75:9d:dc:69:a3:dd:1c:0b:31:77:d9:91:81:
                    12:6b:e2:88:d2:2f:cd:e2:fa:b1:a5:15:3f:55:82:
                    2f:5f:8d:f0:40:4e:86:94:13:3f:af:74:10:98:3a:
                    87:96:17:e0:21:55:8e:a4:81:11:f6:38:76:02:f3:
                    76:2b:62:f4:24:05:94:32:39:0c:9d:0f:21:30:10:
                    f7:f9:cc:dc:04:04:52:c4:89:8a:7c:d8:e3:0c:c6:
                    f7:13:8f:63:bf:7a:58:f3:a6:b1:4b:92:af:72:a2:
                    33:46:88:c7:38:b0:6d:22:b7:32:0a:ea:64:53:f3:
                    00:79:78:07:49:ce:f7:af:be:ed:a9:47:ad:5a:42:
                    83:95:3d:2d:4b:83:18:c6:71:d7:d7:d6:8e:12:bb:
                    e3:1f:b2:e3:52:55:25:b7:fb:49:ce:a2:a6:93:b5:
                    d8:5b:51:4d:47:3b:3d:a6:28:02:e1:c7:fc:63:51:
                    f8:b4:28:79:0f:79:a2:45:b8:2e:04:d1:15:93:17:
                    e9:f2:19:41:75:2d:59:82:75:c1:ca:fa:17:1b:89:
                    56:33:b5:8e:b9:e5:05:42:c3:40:a3:50:cb:e3:e9:
                    0e:95:e7:66:9d:64:42:1a:c6:9a:c4:5d:9d:80:aa:
                    9b:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:B1:63:4B:20:0E:CF:8E:66:AE:65:76:06:2F:F8:95:AF:E1:86:4E
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/79c84469-206e-4cce-adbd-56e0a073c569.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:3f:94:5c:5f:a1:58:6b:40:61:42:7e:60:19:71:8f:9e:a8:
         b3:78:a5:0b:cb:e8:8c:91:a8:59:55:f2:bd:1c:5a:55:52:ed:
         51:e5:03:08:c7:71:3a:b6:d8:d2:31:0d:09:49:34:aa:22:f3:
         a7:26:20:ad:58:87:a7:d5:cf:ef:1c:46:ca:86:51:08:a4:06:
         b5:84:48:a5:3b:91:a4:8c:52:8b:2d:32:2f:e3:3d:df:d0:dc:
         3f:7e:5a:ac:7a:e8:50:a0:7d:c9:58:b0:fb:ad:87:05:8c:a8:
         77:a6:2e:ed:6c:2c:d3:8b:65:8b:44:7c:54:2b:a6:7b:7b:10:
         c9:d9:47:3d:a3:7d:81:4e:ca:7c:2b:55:c8:70:b6:8c:49:da:
         25:aa:71:04:38:a9:e9:9e:fe:15:6f:1d:cc:54:45:0b:f9:2c:
         ec:73:84:02:12:d4:ee:ed:61:8e:24:9c:5e:54:e9:57:53:6c:
         88:48:ae:15:8f:50:93:27:2d:ce:4a:9a:18:e3:cb:ab:ce:16:
         cc:6e:fc:98:4d:69:1d:a0:26:2d:25:db:2a:17:ce:ec:6a:d5:
         e2:e3:39:92:b5:2d:84:1f:67:bd:30:79:58:ce:5b:7c:3d:75:
         79:59:f0:45:ac:95:0a:e5:de:ae:43:c0:1c:65:fd:db:a9:9e:
         bd:f4:5d:10
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULAExj3YcWmD4edFi25p3lZF1aUUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNDE5MDIyMzE4WhcNMjUwNTI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A5Y2NiNDkzYTQ5NGU3YmVmZjEyMWQwNGU3NmQyZDk4ZDA3
MWM3MjNhNzgxMWIyMTNmYjUyZTVkNGM2NmJlNzU5MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJ/r0KdYtGMFRokCr++Jb0dZ3caaPdHAsxd9mRgRJr4ojS
L83i+rGlFT9Vgi9fjfBAToaUEz+vdBCYOoeWF+AhVY6kgRH2OHYC83YrYvQkBZQy
OQydDyEwEPf5zNwEBFLEiYp82OMMxvcTj2O/eljzprFLkq9yojNGiMc4sG0itzIK
6mRT8wB5eAdJzvevvu2pR61aQoOVPS1LgxjGcdfX1o4Su+MfsuNSVSW3+0nOoqaT
tdhbUU1HOz2mKALhx/xjUfi0KHkPeaJFuC4E0RWTF+nyGUF1LVmCdcHK+hcbiVYz
tY655QVCw0CjUMvj6Q6V52adZEIaxprEXZ2AqptDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU/rFjSyAOz45mrmV2Bi/4la/hhk4wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2Lzc5Yzg0NDY5LTIwNmUtNGNjZS1hZGJkLTU2ZTBhMDczYzU2OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBABw/lFxfoVhrQGFCfmAZcY+eqLN4
pQvL6IyRqFlV8r0cWlVS7VHlAwjHcTq22NIxDQlJNKoi86cmIK1Yh6fVz+8cRsqG
UQikBrWESKU7kaSMUostMi/jPd/Q3D9+Wqx66FCgfclYsPuthwWMqHemLu1sLNOL
ZYtEfFQrpnt7EMnZRz2jfYFOynwrVchwtoxJ2iWqcQQ4qeme/hVvHcxURQv5LOxz
hAIS1O7tYY4knF5U6VdTbIhIrhWPUJMnLc5Kmhjjy6vOFsxu/JhNaR2gJi0l2yoX
zuxq1eLjOZK1LYQfZ70weVjOW3w9dXlZ8EWslQrl3q5DwBxl/dupnr30XRA=
-----END CERTIFICATE-----